We’ve recently intercepted a malicious campaign exclusively relying on rogue WordPress sites, ultimately serving client-side exploits to users through the Magnitude Web malware exploitation kit. Despite its relatively low profile in terms of proliferation — we believe the campaign is in its early stages — it exposes a pseudo-randomly generated sub-domains based fraudulent infrastructure that is worth keeping an eye on.